**This is an old revision of the document!**

Enterprise File Fabric Security Advisory

First published on June 26, 2020

Introduction

The Enterprise File Fabricâ„¢ uses open-source caching software to improve performance. We have become aware of a setting in the caching software that is provided as part of File Fabric versions 1906.06 and 1906.07 that could, dependent on specific deployment topologies, present a security risk.

Although the chances of this occurring are small, we have created a minor update for the File Fabric to prevent it. All customers running either of the affected versions should apply the update.

Applying the Update

This update will take around ten minutes. Users should not use the system wile the update is being carried out.

To apply the update, ssh in to the File Fabric host and su to root. Then execute each of these commands:

yum update sme-containers-redis
cd /var/www/smestorage/containers/redis/
docker-compose down --rmi all
docker-compose up -d

If you have a multi-node File Fabric installation, perform these steps on each node.

Please feel free to contact us at support@storagemadeeasy.com if you have any questions about this update.